Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/Oi-eQrdPYbnugHI5uPXLgip0CHM.roa
File: Oi-eQrdPYbnugHI5uPXLgip0CHM.roa (raw, json)
Hash identifier: CBGgFvvgyuF+Izaq4HO2YvDhhY/WPJOZ3zLmk6WAds8=
Subject key identifier: 3A:2F:9E:42:B7:4F:61:B9:EE:80:72:39:B8:F5:CB:82:2A:74:08:73
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 01881E34AF718234E525BEE3886A7362560E
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/Oi-eQrdPYbnugHI5uPXLgip0CHM.roa
Signing time: Mon 15 May 2023 06:59:09 +0000
ROA not before: Mon 15 May 2023 06:59:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29310
IP address blocks: 213.244.116.0/24 maxlen: 24
213.244.117.0/24 maxlen: 24
213.244.115.0/24 maxlen: 24
213.244.122.0/24 maxlen: 24
193.223.252.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1e:34:af:71:82:34:e5:25:be:e3:88:6a:73:62:56:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: May 15 06:59:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a2f9e42b74f61b9ee807239b8f5cb822a740873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:92:31:14:70:2f:55:dc:26:f2:02:a8:46:60:
32:0c:0b:0c:d0:89:60:bc:86:4c:03:d0:16:5d:0e:
e4:53:de:8c:7a:3a:3b:53:52:81:5f:7e:af:fd:65:
c5:ad:a2:f5:21:ad:f5:fc:41:71:29:6d:1d:08:20:
e8:8c:f8:94:4a:b5:0d:3a:22:a5:22:19:59:ce:40:
11:3a:c3:bd:09:c2:69:28:d9:8b:d2:c0:9b:c9:f9:
0d:e0:88:67:e4:79:b7:c8:f0:67:68:0e:4d:ec:e9:
bf:59:48:84:38:8d:c9:f5:17:38:8b:26:8c:14:e0:
d0:12:a4:3d:0f:67:cf:ba:7e:8a:c5:64:25:3d:c1:
f6:08:83:3b:15:1e:e2:f1:0e:fc:46:dc:3a:8e:4f:
26:9f:e5:3d:65:f5:a9:01:80:48:05:a8:8a:67:18:
a3:bf:98:4c:00:be:78:b7:c3:0e:a3:73:14:38:50:
49:2f:49:d8:b0:0b:df:0c:3e:ec:b4:60:ac:be:73:
c7:e5:04:a8:ff:fd:82:0e:2b:09:ab:33:6a:ea:17:
ba:da:5e:19:cd:51:9d:fb:f5:78:12:1b:7d:7d:b2:
c8:82:03:84:f4:0b:c8:d2:5f:19:58:d8:a6:b7:ea:
98:30:07:b2:c9:fb:d3:e8:6c:c0:4e:a3:f9:46:59:
09:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2F:9E:42:B7:4F:61:B9:EE:80:72:39:B8:F5:CB:82:2A:74:08:73
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/Oi-eQrdPYbnugHI5uPXLgip0CHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.223.252.0/23
213.244.115.0-213.244.117.255
213.244.122.0/24
Signature Algorithm: sha256WithRSAEncryption
45:78:60:39:bb:8e:f3:80:e1:71:55:5c:42:4f:01:d4:4d:50:
21:23:e1:86:23:58:1f:b8:00:b2:e0:0a:77:54:63:ba:85:18:
14:d7:aa:87:ca:ff:2b:88:c0:13:a9:a2:eb:58:0a:9f:1f:53:
6a:8b:ad:bd:3e:ac:90:fb:67:15:47:39:da:3a:09:4f:65:09:
9a:a3:c9:85:84:8f:a2:f0:62:8f:6d:ff:91:ca:12:60:35:68:
79:b2:8c:0d:6d:a0:89:70:ea:7f:83:77:81:1f:a0:b6:53:4d:
a3:a0:12:cb:50:de:9d:8b:60:40:2f:06:71:84:4e:0a:56:6c:
82:03:c8:bf:78:1d:46:bc:cd:d0:69:02:97:93:e4:9e:ac:05:
10:89:13:a6:50:44:39:af:fa:c6:cd:60:f1:14:1b:85:95:46:
00:78:88:a2:06:7d:07:71:e4:37:70:2a:21:f2:ae:57:3d:87:
58:08:6d:77:a1:d9:a8:a4:59:ec:5b:87:47:05:56:b0:2a:6a:
5a:92:b5:83:e7:22:bd:ab:9c:0d:7c:2b:6e:e7:c0:78:7e:65:
9b:32:e5:ce:c4:5e:d0:7c:25:d8:ed:f3:fe:eb:e6:7a:a1:16:
aa:2e:53:f4:95:9f:fc:c8:b6:17:a8:f2:8f:60:3b:01:04:c8:
8f:1e:d4:e1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYgeNK9xgjTlJb7jiGpzYlYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjMwNTE1MDY1OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTJmOWU0MmI3NGY2MWI5ZWU4MDcyMzliOGY1Y2I4MjJhNzQwODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpIxFHAvVdwm8gKoRmAyDAsM0Ilg
vIZMA9AWXQ7kU96Mejo7U1KBX36v/WXFraL1Ia31/EFxKW0dCCDojPiUSrUNOiKl
IhlZzkAROsO9CcJpKNmL0sCbyfkN4Ihn5Hm3yPBnaA5N7Om/WUiEOI3J9Rc4iyaM
FODQEqQ9D2fPun6KxWQlPcH2CIM7FR7i8Q78Rtw6jk8mn+U9ZfWpAYBIBaiKZxij
v5hMAL54t8MOo3MUOFBJL0nYsAvfDD7stGCsvnPH5QSo//2CDisJqzNq6he62l4Z
zVGd+/V4Eht9fbLIggOE9AvI0l8ZWNimt+qYMAeyyfvT6GzATqP5RlkJVwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDovnkK3T2G57oByObj1y4IqdAhzMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvT2ktZVFyZFBZYm51Z0hJNXVQWExnaXAwQ0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBwd/8MAwD
BADV9HMDBAHV9HQDBADV9HowDQYJKoZIhvcNAQELBQADggEBAEV4YDm7jvOA4XFV
XEJPAdRNUCEj4YYjWB+4ALLgCndUY7qFGBTXqofK/yuIwBOpoutYCp8fU2qLrb0+
rJD7ZxVHOdo6CU9lCZqjyYWEj6LwYo9t/5HKEmA1aHmyjA1toIlw6n+Dd4EfoLZT
TaOgEstQ3p2LYEAvBnGETgpWbIIDyL94HUa8zdBpApeT5J6sBRCJE6ZQRDmv+sbN
YPEUG4WVRgB4iKIGfQdx5DdwKiHyrlc9h1gIbXeh2aikWexbh0cFVrAqalqStYPn
Ir2rnA18K27nwHh+ZZsy5c7EXtB8Jdjt8/7r5nqhFqouU/SVn/zItheo8o9gOwEE
yI8e1OE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:09 2024 by rpki-client on console-ams.rpki-client.org